Cisco Secure Access Third-Party Integrations API, Overview

Third-Party Integrations

The Cisco Secure Access Third-Party Integrations API enables you to manage integrations with third-party applications that support either REST-based APIs, Webhooks, or other technology-specific mechanisms. You can find the Secure Access Third-Party Integrations API endpoints under the admin scope.

Overview

About Secure Access Alerts

For more information, see Overview of Alerting.

About Push Security Events

For more information, see Overview of Push Security Events.

Rate Limits for Third-Party Integrations

Secure Access enables rate limits on the Third-Party Integrations API. For more information, see Rate Limits > Admin.

Request Headers

Unless specified, the Secure Access API endpoints use JSON for all requests and responses.

Note: For POST, PUT, and PATCH operations, set the HTTP Content-Type header to application/json in your API request.

How To Create a Third-Party Integration for a Webhook

Use the Secure Access Third-Party Integrations API to add a Webhook in Secure Access. The required fields are: name and type.

In the POST API request, you'll provide:

  • The name of your Webhook.
  • The type of the third-party integration. For a third-party integration with a Webhook, use webhook.v1.

Limitations

  • The Third-Party Integrations API accepts Basic authentication only.
  • You must create a third-party Credentials resource for the Webhook, which provides the username and password for access to the Webhook target.
  • If you provide an invalid URL for the Webhook or invalid credentials, the Webhook is not active and remains in the created state.

Request

curl \
  -L --location-trusted \
  --request POST --url 'https://api.sse.cisco.com/admin/v2/integrations' \
  --header 'Authorization: Bearer %YourAccessToken%' \
  --header 'Content-Type: application/json' \
  --data '{
      "name": "webhook one for integration of Cisco Secure Access push security events.",
      "type": "webhook.v1",
      "webhookConfig": {
          "url": ""https://api.company.com/webhook/onewebhook",
          "headers": [
            "Content-Type: application/json"
          ]
        }
    }'

Response

Sample response (200, OK):

{
    "href": "https://api.sse.cisco.com/admin/v2/integrations/12345a",
    "id": "12345a"
}

How To Create a Credential for Your Webhook

Use the Secure Access Third-Party Integrations API to add a Credential for your Webhook and third-party integration. The required fields are: name, type, and value.

In the API request, you'll provide:

  • The ID of the third-party integration for the Webhook. Provide the ID of the third-party integration for the Webhook in the intId path parameter.
  • The type of the credentials. For the Webhook, use basic-auth.
  • The username and password that the system will use to authenticate to the Webhook target.

Request

curl \
  -L --location-trusted \
  --request POST --url 'https://api.sse.cisco.com/admin/v2/integrations/{intId}/credentials' \
  --header 'Authorization: Bearer %YourAccessToken%' \
  --header 'Content-Type: application/json' \
  --data '{
        "name": "api credential for webhook one",
        "type": "basic-auth",
        "value": {
            "username": "apiuser",
            "password": "securepassword"
        }
    }'

Response

Sample response (200, OK):

{
    "href": "https://api.sse.cisco.com/admin/v2/integrations/12345a/credentials/456a",
    "id": "456a"
}

How To Create a Third-Party Integration for Push Security Events

Use the Secure Access Third-Party Integrations API to add a third-party integration for Push Security Events in Secure Access. The required fields are: name and type.

The third-party integration will enable Secure Access to send security events to the integrated Webhook. In the API request, you'll provide:

  • The name of the third-party integration for Push Security Events.
  • The type of the third-party integration. For Push Security Events, use security-events.v1.
  • The list of event sources for the third-party integration.
  • The list of targets for the third-party integration.

Request

curl \
  -L --location-trusted \
  --request POST --url 'https://api.sse.cisco.com/admin/v2/integrations' \
  --header 'Authorization: Bearer %YourAccessToken%' \
  --header 'Content-Type: application/json' \
  --data '{
      "name": "push security events one",
      "type": "security-events.v1",
      "securityEventsConfig": {
        "sources": [
            "dns",
            "ravpn"
        ],
        "targets": [
            "webhook.v1:12345a"
        ]
      }
    }'

Response

Sample response (200, OK):

{
    "href": "https://api.sse.cisco.com/admin/v2/integrations/12345ab",
    "id": "12345ab"
}

Get a Third-Party Integration for Push Security Events

Use the Secure Access Third-Party Integrations API to get the details about a third-party integration for Push Security Events in Secure Access. The required path parameter is: intId.

In the API request, you'll provide the ID of the third-party integration for Push Security Events.

curl \
  -L --location-trusted \
  --request GET --url 'https://api.sse.cisco.com/admin/v2/integrations/{intId}' \
  --header 'Authorization: Bearer %YourAccessToken%' \
  --header 'Content-Type: application/json'

Response

Sample response (200, OK):

{
    "integration": {
        "createdBy": "admin@company.com",
        "createdAt": "2026-01-15T10:30:00Z",
        "createdFromIp": "192.168.1.101",
        "href": "https://api.sse.cisco.com/admin/v2/integrations/12345ab",
        "name": "push security events one",
        "type": "security-events.v1",
        "status": "active"
    }
}

Third-Party Integrations API Endpoints